Update: supports file v4 signatures

Note: public key v3 signatures are not supported Fix various bugs and potentials buffer overflows

Update: supports file v4 signatures
Note: public key v3 signatures are not supported Fix various bugs and potentials buffer overflows
11922961 · Rafaël Carré · 96250779 · 11922961 · 11922961 · 11922961
Commit 11922961 authored May 18, 2008 by Rafaël Carré
Showing with 483 additions and 259 deletions

doc/release-howto.txt doc/release-howto.txt +4 -4

include/vlc_pgpkey.h include/vlc_pgpkey.h +1 -1

include/vlc_update.h include/vlc_update.h +46 -44

src/misc/update.c src/misc/update.c +432 -210

No files found.
--- a/doc/release-howto.txt
+++ b/doc/release-howto.txt
@@ -23,7 +23,7 @@
  - copy the tar.gz and tar.bz2 file on ftp.videolan.org in
    /opt/ftp/pub/videolan/testing/vlc-X.X.X/
  - generate md5 hashes and gpg signature of these files
-    (use gpg --sign --detach --armor --force-v3-sigs)
+    (use gpg --sign --detach --armor)

 * Contribs
  - Put a copy of the libraries or git snapshot in vlc-X.X.X/contrib
@@ -36,7 +36,7 @@
    Build in the "buildbeos" chroot on altair.
    # add the .zip files to /opt/ftp/pub/videolan/testing/vlc-X.X.X/beos/
   generate md5 hashes and gpg signature of these files
-   (use gpg --sign --detach --armor --force-v3-sigs)
+   (use gpg --sign --detach --armor)

 * Win32 Packages
    make the packages using the nightly builds configure/options/... , don't forget --enable-update-check
@@ -44,12 +44,12 @@
    kind of suxxs)
    add the .zip and .exe files to /opt/ftp/pub/videolan/testing/vlc-X.X.X/win32/
   generate md5 hashes and gpg signature of these files
-   (use gpg --sign --detach --armor --force-v3-sigs)
+   (use gpg --sign --detach --armor)

 * OS X packages
   configure with --enable-update-check
   generate md5 hashes and gpg signature of these files
-   (use gpg --sign --detach --armor --force-v3-sigs)
+   (use gpg --sign --detach --armor)

 * Commit changes ... it never works the first time


--- a/include/vlc_pgpkey.h
+++ b/include/vlc_pgpkey.h
@@ -32,6 +32,7 @@ static uint8_t videolan_public_key_longid[8] = {
  0x8B, 0x08, 0x52, 0x31, 0xD0, 0x38, 0x35, 0x37
 };

+/* gpg --export --armor "VideoLAN Release"|sed -e s/^/\"/ -e s/\$/\\\\n\"/ */
 static uint8_t videolan_public_key[] = {
 "-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
 "Version: GnuPG v2.0.4 (FreeBSD)\n"
@@ -78,4 +79,3 @@ static uint8_t videolan_public_key[] = {
 "=Ic/K\n"
 "-----END PGP PUBLIC KEY BLOCK-----\n"
 };
-
--- a/include/vlc_update.h
+++ b/include/vlc_update.h
@@ -33,17 +33,25 @@

 #include <vlc/vlc.h>

-#include <vlc_stream.h>     /* key & signature downloading */
-#include <vlc_strings.h>    /* b64 decoding */
-#include <vlc_charset.h>    /* utf8_fopen() */
-#include <gcrypt.h>         /* cryptography and digest algorithms */
-
 /**
 * \defgroup update Update
 *
 * @{
 */

+/* Go reading the rfc 4880 ! NOW !! */
+
+/*
+ * XXX
+ *  When PGP-signing a file, we only sign a SHA-1 hash of this file
+ *
+ *  As soon as SHA-1 is broken, this method is not secure anymore, because an
+ *  attacker could generate a file with the same SHA-1 hash.
+ *
+ *  Whenever this happens, we need to use another algorithm / type of key.
+ * XXX
+ */
+
 enum    /* Public key algorithms */
 {
    /* we will only use DSA public keys */
@@ -75,14 +83,11 @@ enum    /* Signature types */
    POSITIVE_KEY_SIGNATURE  = 0x13  /* Substantial verification */
 };

-
 enum    /* Signature subpacket types */
 {
    ISSUER_SUBPACKET    = 0x10
 };

-
-
 struct public_key_packet_t
 { /* a public key packet (DSA/SHA-1) is 418 bytes */

@@ -96,52 +101,49 @@ struct public_key_packet_t
    uint8_t y[2+128];
 };

-/* used for public key signatures */
-struct signature_packet_v4_t
-{ /* hashed_data or unhashed_data can be empty, so the signature packet is
-   * theorically at least 54 bytes long, but always more than that. */
+/* used for public key and file signatures */
+struct signature_packet_t
+{
+    uint8_t version; /* 3 or 4 */

-    uint8_t version;
    uint8_t type;
-    uint8_t public_key_algo;
-    uint8_t digest_algo;
-    uint8_t hashed_data_len[2];
-    uint8_t *hashed_data;
-    uint8_t unhashed_data_len[2];
-    uint8_t *unhashed_data;
-    uint8_t hash_verification[2];
-
-    /* The part below is made of consecutive MPIs, their number and size being
-     * public-key-algorithm dependant.
-     * But since we use DSA signatures only, we fix it. */
-    uint8_t r[2+20];
-    uint8_t s[2+20];
-};
+    uint8_t public_key_algo;    /* DSA only */
+    uint8_t digest_algo;        /* SHA-1 only */

-/* Used for binary document signatures (to be compatible with older software)
- * DSA/SHA-1 is always 65 bytes */
-struct signature_packet_v3_t
-{
-    uint8_t header[2];
-    uint8_t version;            /* 3 */
-    uint8_t hashed_data_len;    /* MUST be 5 */
-    uint8_t type;
-    uint8_t timestamp[4];       /* 4 bytes scalar number */
-    uint8_t issuer_longid[8];  /* The key which signed the document */
-    uint8_t public_key_algo;    /* we only know about DSA */
-    uint8_t digest_algo;        /* and his little sister SHA-1 */
-    uint8_t hash_verification[2];/* the 2 1st bytes of the SHA-1 hash */
+    uint8_t hash_verification[2];
+    uint8_t issuer_longid[8];
+
+    union   /* version specific data */
+    {
+        struct
+        {
+            uint8_t hashed_data_len[2];     /* scalar number */
+            uint8_t *hashed_data;           /* hashed_data_len bytes */
+            uint8_t unhashed_data_len[2];   /* scalar number */
+            uint8_t *unhashed_data;         /* unhashed_data_len bytes */
+        } v4;
+        struct
+        {
+            uint8_t hashed_data_len;    /* MUST be 5 */
+            uint8_t timestamp[4];       /* 4 bytes scalar number */
+        } v3;
+    } specific;

    /* The part below is made of consecutive MPIs, their number and size being
     * public-key-algorithm dependant.
-     * But since we use DSA signatures only, we fix it. */
+     *
+     * Since we use DSA signatures only, there is 2 integers, r & s, made of:
+     *      2 bytes for the integer length (scalar number)
+     *      160 bits (20 bytes) for the integer itself
+     *
+     * Note: the integers may be less than 160 significant bits
+     */
    uint8_t r[2+20];
    uint8_t s[2+20];
 };

 typedef struct public_key_packet_t public_key_packet_t;
-typedef struct signature_packet_v4_t signature_packet_v4_t;
-typedef struct signature_packet_v3_t signature_packet_v3_t;
+typedef struct signature_packet_t signature_packet_t;

 struct public_key_t
 {
@@ -150,7 +152,7 @@ struct public_key_t

    public_key_packet_t key;       /* Public key packet */

-    signature_packet_v4_t sig;     /* Signature packet, by the embedded key */
+    signature_packet_t sig;     /* Signature packet, by the embedded key */
 };

 typedef struct public_key_t public_key_t;

--- a/src/misc/update.c
+++ b/src/misc/update.c